b7c611a596df189726f9588ec95116da_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b7c611a596df189726f9588ec95116da_JaffaCakes118
Size

838KB
MD5

b7c611a596df189726f9588ec95116da
SHA1

e2b9e9b0e6e1c2fa8e48c39cb2cecccea430913c
SHA256

9031fd7b26d4936150a75e633e1a2c32e27c752145266628b17e29df4af10b1a
SHA512

75f52200b900f37d5cf0f0d327dbeba2b8388b530dbfae6210166c4ae68bed40439358dc8d2e63acc5ec6056ab63bd4682a8800a193049d37a53b04c6a9021b5
SSDEEP

12288:5rwLYFXas4tm8xB1LQyXJur1wA/d3wiM+tV3/9OEclDXTrNyfL/c6:yIaZj1sRlVTN3Al7AI6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7c611a596df189726f9588ec95116da_JaffaCakes118

Files

b7c611a596df189726f9588ec95116da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ae6db31678b8ec23401da10ba38fda0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\bld\rel\gpu_drv\r177\r177_93\drivers\ui\Sedona\Sedona\Release\bin\nvCplUI.pdb

Imports

rpcrt4

UuidFromStringW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

gdiplus

GdipDeleteBrush
GdipDeleteGraphics
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipDeleteFont
GdipCreateSolidFill
GdipCreateFromHDC
GdipSetTextRenderingHint
GdipDrawString
GdipCreateFont
GdipAlloc
GdipCloneBrush
GdiplusShutdown
GdiplusStartup
GdipFree

wtsapi32

WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

kernel32

GetCurrentDirectoryW
GetStartupInfoW
RtlUnwind
ExitProcess
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetPrivateProfileStringW
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
WritePrivateProfileStringW
GetPrivateProfileIntW
SetErrorMode
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GetTempPathW
GetProfileIntW
SearchPathW
GetTickCount
GetCurrentThread
lstrcmpA
lstrcmpiA
ConvertDefaultLocale
EnumResourceLanguagesW
GetVersion
GlobalGetAtomNameW
GetShortPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeExW
DeleteFileW
MoveFileW
GlobalFree
GlobalAlloc
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
WideCharToMultiByte
GlobalLock
GlobalUnlock
SetLastError
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
GetVersionExA
LoadLibraryA
FindResourceExW
GetModuleHandleExA
OpenMutexW
GetProcAddress
CreateMutexW
SetThreadLocale
GetSystemDirectoryW
ReleaseMutex
GetUserDefaultUILanguage
GetSystemDefaultLCID
FormatMessageW
LocalFree
GetLocalTime
CreateFileW
GetComputerNameW
CloseHandle
GetFileAttributesW
GetLocaleInfoW
lstrcmpW
FindFirstFileW
FindClose
lstrcatW
GetModuleHandleW
LoadLibraryExW
MultiByteToWideChar
GetModuleFileNameW
SizeofResource
LoadLibraryW
FreeLibrary
MulDiv
FindResourceW
LoadResource
LockResource
InterlockedDecrement
InterlockedIncrement
lstrcpynW
lstrcmpiW
HeapAlloc
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrcpyW
lstrlenW
GetVersionExW
GetLocaleInfoA
GetACP
InterlockedExchange
GetCurrentThreadId
GetThreadLocale
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetStdHandle

user32

CreateMenu
GetTabbedTextExtentA
LoadAcceleratorsW
InsertMenuItemW
BringWindowToTop
TranslateAcceleratorW
SetRectEmpty
CreateDialogIndirectParamW
EndDialog
CharUpperW
GetMenuStringW
InsertMenuW
GetMessageW
GetActiveWindow
ValidateRect
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
GetCapture
GetClassInfoExW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
MessageBoxW
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetMenu
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoW
SetWindowPlacement
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
PeekMessageW
TranslateMessage
DispatchMessageW
DrawFocusRect
DestroyCursor
CallWindowProcW
BeginDeferWindowPos
EndDeferWindowPos
GetClassLongW
ReleaseCapture
SetCapture
GetDCEx
SystemParametersInfoW
FillRect
LoadImageW
DrawIcon
SetRect
SetParent
FindWindowW
IsIconic
SetForegroundWindow
GetDlgItem
SetWindowTextW
GetCursorPos
OffsetRect
IsChild
InflateRect
GetClassNameW
GetKeyState
SetFocus
DestroyMenu
LoadMenuIndirectW
GetMenuItemInfoW
DeleteMenu
WindowFromPoint
ScreenToClient
RegisterWindowMessageW
IsWindowEnabled
CharLowerW
CreateWindowExW
CloseWindow
GetNextDlgTabItem
GetFocus
UpdateWindow
SetMenu
LoadMenuW
RemoveMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AppendMenuW
CreatePopupMenu
SendMessageW
GetWindowRect
InvalidateRect
EnableWindow
UnregisterClassW
PostMessageW
PtInRect
DrawFrameControl
SetWindowRgn
GetClientRect
IsWindowVisible
RedrawWindow
SetTimer
EnumDisplaySettingsW
GetWindow
GetDesktopWindow
wsprintfW
CopyRect
GetWindowTextLengthW
GetWindowTextW
DrawTextW
RegisterClassW
DefWindowProcW
BeginPaint
EndPaint
IsRectEmpty
GetDlgCtrlID
LoadBitmapW
GetWindowLongW
GetParent
IntersectRect
TrackMouseEvent
SetCursor
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
LockWindowUpdate
RegisterClipboardFormatW
GetSystemMetrics
DestroyIcon
CreateDialogParamW
WinHelpW
GetDC
ReleaseDC
GetDialogBaseUnits
IsDialogMessageW
MoveWindow
ShowWindow
SetWindowLongW
CharNextW
DestroyWindow
LoadIconW
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
PostQuitMessage
IsZoomed
UnpackDDElParam
GetSystemMenu
ReuseDDElParam
KillTimer
ClientToScreen
CallNextHookEx
IsWindow
SetWindowsHookExW
GetSysColor
RegisterClassExW
GetSysColorBrush
LoadCursorW
UnhookWindowsHookEx
DrawIconEx
SetDlgItemTextW

gdi32

GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
Escape
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
CreatePen
SelectClipRgn
CreateDCW
CreateRectRgnIndirect
SetRectRgn
CreateEllipticRgn
LPtoDP
Ellipse
StretchDIBits
GetCharWidthW
CreateFontW
SetAbortProc
AbortDoc
GetViewportOrgEx
Rectangle
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextExtentPoint32A
GetWindowOrgEx
IntersectClipRect
ExcludeClipRect
SetTextAlign
MoveToEx
LineTo
OffsetWindowOrgEx
SetBkMode
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
GetTextFaceW
GetTextMetricsW
GetTextExtentPointW
DeleteObject
GetCurrentObject
GetDeviceCaps
FrameRgn
GetRgnBox
CombineRgn
CreateRoundRectRgn
CreatePolygonRgn
CreateRectRgn
GetObjectW
CreateFontIndirectW
CreateSolidBrush
GetTextExtentPoint32W
SelectObject
GetStockObject
SetStretchBltMode
SetROP2
SetPolyFillMode
RestoreDC
SaveDC
GetBkColor
SetTextColor
DPtoLP
CreateBitmap
GetMapMode
SetMapMode
SetBkColor
CreateDIBSection
SetDIBitsToDevice
SetViewportOrgEx
PatBlt
GetTextColor
EnumFontFamiliesW
ExtTextOutW
StartDocW
StartPage
EndPage
EndDoc

msimg32

AlphaBlend

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
PrintDlgW
GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetJobW

advapi32

RegEnumKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
RegEnumValueW
RegQueryValueExA
RegOpenKeyExA
SetFileSecurityW
RegCreateKeyW
RegQueryValueW
RegDeleteKeyW
RegOpenKeyW
RegSetValueW
GetFileSecurityW

shell32

ShellExecuteW
ShellExecuteExW
SHGetFileInfoW
DragFinish
DragQueryFileW
ExtractIconW
ExtractAssociatedIconW

comctl32

ImageList_ReplaceIcon
ImageList_Draw
ImageList_Add
ImageList_Create
ord17
ImageList_Destroy
ImageList_GetImageInfo

shlwapi

PathFindFileNameW
SHGetValueW
SHSetValueW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRegisterClassObject
CoRevokeClassObject
CLSIDFromString
CoGetMalloc
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoRegisterMessageFilter
StringFromGUID2
OleFlushClipboard
StringFromCLSID

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysStringLen
LoadRegTypeLi
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
SystemTimeToVariantTime
OleCreateFontIndirect

Sections

.text
Size: 404KB - Virtual size: 402KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.irdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4ae6db31678b8ec23401da10ba38fda0

Headers

File Characteristics

PDB Paths

Imports

rpcrt4

version

gdiplus

wtsapi32

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 404KB - Virtual size: 402KB

.rdata Size: 112KB - Virtual size: 109KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 236KB - Virtual size: 234KB

.irdata Size: 60KB - Virtual size: 60KB

.text
Size: 404KB - Virtual size: 402KB

.rdata
Size: 112KB - Virtual size: 109KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 236KB - Virtual size: 234KB

.irdata
Size: 60KB - Virtual size: 60KB